jai1 opened a new pull request #1169: Proxy forward auth data
URL: https://github.com/apache/incubator-pulsar/pull/1169
   Review this PR after 
   Have rebased this PR on top of 
   Currently the proxy extracts and forwards the client Principal to the 
broker. Client Principal is a modifiable string i.e can be changed or 
manufactured by the Proxy.
   What we want to do instead is to send the clientAuthData to the broker - 
which is in most cases digitally signed. The broker will extract the client 
principal from the clientAuthData and reauthenticate the client.
   In order to enforce this behavior we have introduced two new flags:-
   - authenticateOriginalAuthData on the broker 
   - forwardClientAuthData on the Proxy

This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:

With regards,
Apache Git Services

Reply via email to